diff options
| author | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-02-28 10:16:27 +0100 |
|---|---|---|
| committer | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-02-28 10:16:27 +0100 |
| commit | 7c570c763725fdaa40778d6cd6689b09b3971f50 (patch) | |
| tree | a75f7dcc92e09da5626b728d88780a402221d251 /oauthlib/oauth2/rfc6749 | |
| parent | 73032fe688a899f80d2a65479c72fec450ec51a1 (diff) | |
| download | oauthlib-7c570c763725fdaa40778d6cd6689b09b3971f50.tar.gz | |
Add technicals fields of `id_token` in oauthlib OIDC support
A new RequestValidator `fill_id_token` has been introduced to replace `get_id_token`. It aims to have the bare minimum amount of fields to complete a full OIDC id_token support. `get_id_token` is still valid but optional, and if it is implemented, `fill_id_token` will not be called. The current `fill_id_token` came with full support of `aud`, `iat`, `nonce`, `at_hash` and `c_hash`. More could come in the future e.g. `auth_time`, ...
Diffstat (limited to 'oauthlib/oauth2/rfc6749')
| -rw-r--r-- | oauthlib/oauth2/rfc6749/request_validator.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/oauthlib/oauth2/rfc6749/request_validator.py b/oauthlib/oauth2/rfc6749/request_validator.py index d6ec2ab..86509b6 100644 --- a/oauthlib/oauth2/rfc6749/request_validator.py +++ b/oauthlib/oauth2/rfc6749/request_validator.py @@ -271,6 +271,9 @@ class RequestValidator(object): - Code Challenge (``request.code_challenge``) and - Code Challenge Method (``request.code_challenge_method``) + To support OIDC, you MUST associate the code with: + - nonce, if present (``code["nonce"]``) + The ``code`` argument is actually a dictionary, containing at least a ``code`` key with the actual authorization code: |